java链接数据库ssl
时间: 2023-07-08 11:33:27 浏览: 49
要在Java中使用SSL连接数据库,需要使用Java Secure Socket Extension(JSSE)库。以下是使用JSSE库连接MySQL数据库的示例代码:
```java
import java.sql.*;
import java.util.Properties;
import javax.net.ssl.*;
public class SSLDemo {
public static void main(String[] args) throws SQLException {
String url = "jdbc:mysql://localhost:3306/test";
Properties props = new Properties();
props.setProperty("user", "root");
props.setProperty("password", "password");
props.setProperty("useSSL", "true");
props.setProperty("requireSSL", "true");
props.setProperty("verifyServerCertificate", "true");
props.setProperty("clientCertificateKeyStoreUrl", "/path/to/client/keystore");
props.setProperty("clientCertificateKeyStorePassword", "keystore_password");
props.setProperty("trustCertificateKeyStoreUrl", "/path/to/truststore");
props.setProperty("trustCertificateKeyStorePassword", "truststore_password");
SSLContext sslContext = SSLContext.getInstance("TLSv1.2");
KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance("SunX509");
KeyStore keyStore = KeyStore.getInstance("PKCS12");
keyStore.load(new FileInputStream("/path/to/client/keystore"), "keystore_password".toCharArray());
keyManagerFactory.init(keyStore, "keystore_password".toCharArray());
TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance("SunX509");
KeyStore trustStore = KeyStore.getInstance("PKCS12");
trustStore.load(new FileInputStream("/path/to/truststore"), "truststore_password".toCharArray());
trustManagerFactory.init(trustStore);
sslContext.init(keyManagerFactory.getKeyManagers(), trustManagerFactory.getTrustManagers(), null);
SSLSocketFactory sslSocketFactory = sslContext.getSocketFactory();
SSLSocket sslSocket = (SSLSocket) sslSocketFactory.createSocket("localhost", 3306);
props.put("javax.net.ssl.SSLSocketFactory", sslSocketFactory);
Connection conn = DriverManager.getConnection(url, props);
Statement stmt = conn.createStatement();
ResultSet rs = stmt.executeQuery("SELECT * FROM users");
while (rs.next()) {
System.out.println(rs.getString("username") + ": " + rs.getString("password"));
}
rs.close();
stmt.close();
conn.close();
}
}
```
在上面的代码中,我们指定了连接MySQL数据库所需的属性,包括使用SSL连接、需要服务器证书验证、需要客户端证书验证、客户端证书库和信任证书库的路径和密码等。然后,我们使用SSLContext和KeyManagerFactory加载客户端证书库和TrustManagerFactory加载信任证书库,并使用它们初始化SSL上下文。最后,我们创建一个SSLSocket并将其用作javax.net.ssl.SSLSocketFactory的实例,然后将其设置为连接属性,并使用DriverManager.getConnection()方法连接到MySQL数据库。